Cyber Security Intrusion Analyst

Denver, Colorado

Job Description:

The Identity Defense organization aims to protect the digital identities that allow access to the Bank's internal network, resources and applications. An Identity Defense analyst is accountable for researching, designing, engineering, implementing, and supporting solutions to prevent and detect anomalous use of accounts.

Support design efforts related to the build-out of new processes, controls and supporting governance for the implementation of human and non-human account monitoring to protect the Bank. You will utilize in-depth technical knowledge and business requirements to help design and implement a scalable solution, inclusive of a monitoring, alerting and escalation framework. Partner with senior leaders from line of business organizations to triage security events and report on impacting security incidents.

You will regularly collaborate with experts in and out of our team, both in country and in other regions, so excellent communication skills are very important. The role will also involve discussion with employees as part of alert analysis and disposition. If you are seeking a demanding role within Global Information Security (GIS) and have the required skills, this will be a great opportunity for you. Typically, applicants should have 5 to 7 years of cybersecurity or engineering experience.

Required Skills:

• Advanced cybersecurity monitoring and event analysis skills. The security analyst will leverage Splunk, SIEM, and other cybersecurity monitoring technologies to analyze traffic, activity, and events across the environment. Splunk experience is required.
• Data analysis/Data science skills. The security analyst will analyze logs and other security telemetry using a combination of cybersecurity and data analytics tools. Experience with modern data analytics tooling is required; recent experience in an ELK stack or similar data framework is preferred.
• Strong Intrusion Analysis background. Resource must be able to identify and interpret weblogs from various webservers.
• Knowledgeable of current exploits. Resource must be able to identify common exploits from the appropriate web and event logs.
• Working knowledge of Linux, Windows, and OS X operating systems.
• Comfortable with scripting languages and regular expressions
• Strong knowledge of common network protocols
• Working knowledge of enterprise Client / Server architecture
• MITRE ATT&CK Threat Framework/Threat Modeling
• Experience building operationally sustainable processes
• Experience designing solutions which meet or exceed regulatory guidelines (FFIEC)
• Advanced knowledge of authentication protocols and telemetries
• Analyze data and evaluate relevance to a specific incident under investigation
• Present findings via written reports and orally to key stakeholders in clear and concise language
• Effectively communicate investigative findings to non-technical audiences

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Full time

JR-20048581

Manages People: No

Travel: No

Starting Colorado pay:

$82,400 annual salary

Starting pay explanation

This is the starting pay; actual offers are to be negotiated based on the applicant’s skills, experience and education.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group, and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.